During my time as a PhD student in the SycureLab at Syracuse University, I developed a number of tools and techniques that are used to perform malware reverse engineering via dynamic analysis. I began building a tool of my own, called DECAF (Dynamic Executable Code Analysis Framework), to assist in this sort of work.

DECAF uses an emulation-based approach to malware analysis. Using the QEMU processor emulator as a base, DECAF adds functionality for data tainting, instruction tracing, semantic gap reduction, and extensible plug-in support. While similar to the functionality of other whole-system analysis platforms, DECAF is often much, much faster. This allows us to add more instrumentation per emulated instruction, which leads to more complex analyses and studies.

Much of my PhD thesis is based upon DECAF and its design.


When I was doing some graduate work in electrical engineering at University of North Florida, I joined a research group that was performing research in the area of brain-computer interfacing (BCI). I published two papers on controlling robotics using eletroencephalographic signals under NSF award #0905468.

One of the demonstrations based upon our research work.

The project has since moved from UNF to the ASPEN Lab at Old Dominion University. Dr. Dean Krusienski still acts as the PI for the grant.


Here is a list of peer-reviewed papers, patents, magazine articles, and books that I have authored or co-authored. Not everything that I write is intended for an academic audience. I like to write educational articles about my research work and personal projects to help others to better understand the material that I work on.

G. Jin, H. Deng, B. J. Knapp, A. W. Henderson, J. B. Tuttle, R. Levy (2018). U.S. Patent No. 10,019,576. Washington, DC: U.S. Patent and Trademark Office.

X. Hu, Y. Cheng, Y. Duan, A. Henderson, H. Yin. JSForce: A Forced Execution Engine for Malicious JavaScript Detection. To appear in the 13th EAI International Conference on Security and Privacy in Communication Networks (SecureComm '17), October 2017.

A. Henderson, H. Yin, G. Jin, H. Han, H. Deng. VDF: Targeted Evolutionary Fuzz Testing of Virtual Devices. To appear in the 20th International Symposium on Research on Attacks, Intrusions, and Defenses (RAID 2017), September 2017.

Q. Feng, M. Wang, M. Zhang, R. Zhou, A. Henderson, H. Yin. Extracting Conditional Formulas for Cross-Platform Bug Search. Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security, April 2017.

A. Henderson, L. K. Yan, X. Hu, A. Prakash, H. Yin, and S. McCamant. (2016). DECAF: A platform-neutral whole-system dynamic binary analysis platform. IEEE Transactions on Software Engineering 43 (2), 164-184.

A. Henderson. Selective dynamic analysis of virtualized whole-system guest environments. Doctoral thesis, Syracuse University, 2016.

A. Henderson, A. Prakash. (2015). Android for the BeagleBone Black. Birmingham, UK: Packt Publishing. ISBN 978-1784392161.

A. Henderson (2015, January). BeagleBone Black: Capes verwalten. Raspberry Pi Geek.

A. Henderson, A. Prakash, L. K. Yan, X. Hu, X. Wang, R. Zhou, and H. Yin. Make it work, make it right, make it fast: building a platform-neutral whole-system dynamic binary analysis platform. Proceedings of the International Symposium on Software Testing and Analysis (ISSTA'14), San Jose, CA, July 2014.

A. Henderson (2014, April). Patrulha do código. Linux Magazine, 60-64.

A. Henderson (2014, March). Bred in the Bone: BeagleBone capes. Raspberry Pi Geek, 64-68.

L. K. Yan, A. Henderson, X. Hu, H. Yin, and S. McCamant. On soundness and precision of dynamic taint analysis. Technical Report SYR-EECS-2014-04, Syracuse University, January 2014.

A. Henderson (2013, December). Beagle Music: HDMI and the BeagleBone Black multimedia environment. Raspberry Pi Geek, 20-24.

A. Henderson (2013, December). SecurityCode-Kontrolle: Malware analysieren und bekämpen. Admin: IT-Praxis & Strategie, 78-91.

A. Henderson (2013, October). Code Patrol: Fighting malware with static and dynamic code analysis. Linux Magazine, 16-19.

N. Waytowich, A. Henderson, D. Krusienski, and D. Cox (2010, September). Robot application of a brain computer interface to staubli TX40 robots-early stages. In World Automation Congress (WAC), 2010 (pp. 1-6). IEEE.

A. Henderson (2010, May). A design for a middleware communications layer between an industrial robotic arm and the BCI2000 software package. In Proceedings of the Florida Conference on Recent Advances in Robotics (FCRAR).


I have served as an external reviewer for several conferences, workshops, and journals:

  • EAI International Conference on Security and Privacy in Communication Networks (SecureComm), 2015
  • Annual Computer Security Applications Conference (ACSAC), 2014 and 2015
  • Network and Distributed System Security Symposium (NDSS), 2013 and 2015
  • ACM Conference on Computer and Communications Security (CCS), 2014 and 2017
  • ACM Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM), 2014
  • IEEE Transactions on Reliability, 2013